<!Doctype html>
<html>
<head>
<meta charset="utf-8" />
<title>192.168.220.143_Redis基线扫描报告</title>
<link rel="stylesheet" href="bootstrap/css/bootstrap.min.css" />
<script src="bootstrap/js/jquery-3.3.1.min.js"></script>
<script src="bootstrap/js/popper.min.js"></script>
<script src="bootstrap/js/bootstrap.min.js"></script>
<script src="highcharts/highcharts.js"></script>
<script src="highcharts/highcharts-3d.js"></script>
<script src="highcharts/exporting.js"></script>
</head>
<body>
<div class="container">
<br /><h3 style="text-align:center;">Redis基线扫描报告</h3>
<br /></div>
<div class="container">
<h4>1. 主机基本信息</h4>
<br /><table id="hostinfo" class="table table-striped table-bordered">
<tr><th>主机名</th><td>ls-virtual-machine</td><th>IP地址</th><td>192.168.220.143</td></tr>
<tr><th>操作系统</th><td>Ubuntu 16.04.5 LTS</td><th>内核</th><td>4.15.0-43-generic</td></tr>
<tr><th>TCP服务</th><td>127.0.0.1:6379-redis<br />127.0.1.1:53--<br />0.0.0.0:22--<br />127.0.0.1:631--<br /></td><th>UDP服务</th><td>0.0.0.0:43036--<br />127.0.1.1:53--<br />0.0.0.0:68--<br />0.0.0.0:631--<br />0.0.0.0:33802--<br />0.0.0.0:5353--<br /></td></tr>
</table>
</div>
<br /><div class="container">
<h4>2. 合规统计信息</h4>
<br /><div id="pie_container" style="min-width:400px;height:400px"></div></div>
<br /><div class="container">
<h4>3. 合规检测项详情</h4>
<br /><div class="container">
<div id="accordion1">
<div class="card">
<div class="card-header bg-success text-white">
<a class="card-link text-white" data-toggle="collapse" href="#collapse1">为redis设置密码</a>
</div>
<div id="collapse1" class="collapse" data-parent="#accordion1">
<div class="card-body" style="padding:0.25rem">
<table id="RedisPassword_list" class="table">
<tr><th>检测项</th><td>^requirepass\s*\w{1,}</td></tr>
<tr><th>检测命令</th><td>searchValueByReg /opt/redis-5.0/conf/redis.conf "^requirepass\s*\w{1,}"</td></tr>
<tr><th>检测说明</th><td>为redis设置密码</td></tr>
<tr><th>检测结果</th><td>requirepass t*tsrch0st</td></tr>
</table>
</div>
</div>
</div>
</div>
</div>
<div class="container">
<div id="accordion2">
<div class="card">
<div class="card-header bg-danger text-white">
<a class="card-link text-white" data-toggle="collapse" href="#collapse2">禁用高危命令FLUSHALL、FLUSHDB、KEYS</a>
</div>
<div id="collapse2" class="collapse" data-parent="#accordion2">
<div class="card-body" style="padding:0.25rem">
<table id="RedisPassword_list" class="table">
<tr><th>检测项</th><td>^rename-command\s*\w{1,}</td></tr>
<tr><th>检测命令</th><td>searchValueByReg /opt/redis-5.0/conf/redis.conf "^rename-command\s*\w{1,}"</td></tr>
<tr><th>检测说明</th><td>禁用高危命令FLUSHALL、FLUSHDB、KEYS</td></tr>
<tr><th>检测结果</th><td>not found</td></tr>
</table>
</div>
</div>
</div>
</div>
</div>
<div class="container">
<div id="accordion3">
<div class="card">
<div class="card-header bg-success text-white">
<a class="card-link text-white" data-toggle="collapse" href="#collapse3">建议只监听本地地址</a>
</div>
<div id="collapse3" class="collapse" data-parent="#accordion3">
<div class="card-body" style="padding:0.25rem">
<table id="RedisAddress_list" class="table">
<tr><th>检测项</th><td>^bind\s*</td></tr>
<tr><th>检测命令</th><td>searchValueByReg /opt/redis-5.0/conf/redis.conf ^bind\s*</td></tr>
<tr><th>检测说明</th><td>建议只监听本地地址</td></tr>
<tr><th>检测结果</th><td>bind 127.0.0.1</td></tr>
</table>
</div>
</div>
</div>
</div>
</div>
<div class="container">
<div id="accordion4">
<div class="card">
<div class="card-header bg-success text-white">
<a class="card-link text-white" data-toggle="collapse" href="#collapse4">禁止以root用户运行</a>
</div>
<div id="collapse4" class="collapse" data-parent="#accordion4">
<div class="card-body" style="padding:0.25rem">
<table id="RedisRunner_list" class="table">
<tr><th>检测项</th><td>redis-server</td></tr>
<tr><th>检测命令</th><td>ps -ef |grep redis-server|grep -v grep</td></tr>
<tr><th>检测说明</th><td>禁止以root用户运行</td></tr>
<tr><th>检测结果</th><td>ls        58423  58422  0 11:07 pts/3    00:00:25 ../bin/redis-server 127.0.0.1:6379</td></tr>
</table>
</div>
</div>
</div>
</div>
</div>
<div class="container">
<div id="accordion5">
<div class="card">
<div class="card-header bg-warning text-white">
<a class="card-link text-white" data-toggle="collapse" href="#collapse5">确认redis是最新版本</a>
</div>
<div id="collapse5" class="collapse" data-parent="#accordion5">
<div class="card-body" style="padding:0.25rem">
<table id="RedisVersion_list" class="table">
<tr><th>检测项</th><td>$SERVER_PATH</td></tr>
<tr><th>检测命令</th><td>/opt/redis-5.0/bin/redis-server -v</td></tr>
<tr><th>检测说明</th><td>确认redis是最新版本</td></tr>
<tr><th>检测结果</th><td>Redis server v=5.0.3 sha=00000000:0 malloc=libc bits=64 build=b2bedaa178448a90</td></tr>
</table>
</div>
</div>
</div>
</div>
</div>
</div>
<br /><br /><div class="container">
<h4>4. 说明</h4>
<br /><table id="report_explain" class="table table-striped table-bordered">
<tr><td><span class="badge badge-danger">红色</span></td><td>不符合配置规范要求，需要进行加固</td></tr>
<tr><td><span class="badge badge-warning" style="color:#fff;">黄色</span></td><td>不确定是否符合配置规范要求，需要人工介入确认</td></tr>
<tr><td><span class="badge badge-success">绿色</span></td><td>确认符合配置规范要求，不需要进行修改</td></tr>
</table>
</div>
                <script>
                    var  chart = Highcharts.chart('pie_container', {
            chart: {
                plotBackgroundColor: null,
                plotBorderWidth: null,
                plotShadow: false,
                options3d: {
                    enabled: true,
                    alpha: 45,
                    beta: 0
                }
            },
            title: {
                text: '合规检测统计图'
            },
            tooltip: {
                headerFormat: '{series.name}<br>',
                pointFormat: '{point.name}: <b>{point.percentage:.1f}%</b>'
            },
            plotOptions: {
                pie: {
                    allowPointSelect: true,
                    cursor: 'pointer',
                    depth: 35,
                    dataLabels: {
                        enabled: true,
                        format: '<b>{point.name}</b>: {point.percentage:.1f} %',
                        style: {
                            color: (Highcharts.theme && Highcharts.theme.contrastTextColor) || 'black'
                        }
                    },
                    states: {
                        hover: {
                            enabled: false
                        }  
                    },
                    slicedOffset: 10,         // 突出间距
                    point: {                  // 每个扇区是数据点对象，所以事件应该写在 point 下面
                        events: {
                            // 鼠标滑过是，突出当前扇区
                            mouseOver: function() {
                                this.slice();
                            },
                            // 鼠标移出时，收回突出显示
                            mouseOut: function() {
                                this.slice();
                            },
                            // 默认是点击突出，这里屏蔽掉
                            click: function() {
                                return false;
                            }
                        }
                    }
                }
            },
            series: [{
                type: 'pie',
                name: '检测项占比',
                data: [
                    {name:'合规',   y:3,color:'#28a745'},
                    {name:'待审查',y: 1,color:'#ffc107'},
                    {name:'不合规',   y:1,color:'#dc3545'}
                ]
            }]
        });
                </script>
</body>
</html>
